package cn.com.liuxiaoluxx.cloud.api.controller;

import com.alibaba.dubbo.config.annotation.Reference;
import com.baomidou.mybatisplus.extension.api.R;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

import cn.com.liuxiaoluxx.cloud.api.aspect.annotation.RateLimit;
import cn.com.liuxiaoluxx.cloud.api.result.RestResult;
import cn.com.liuxiaoluxx.cloud.facade.pojo.AuthUser;
import cn.com.liuxiaoluxx.cloud.facade.pojo.User;
import cn.com.liuxiaoluxx.cloud.facade.request.LoginRequest;
import cn.com.liuxiaoluxx.cloud.facade.service.user.UserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;

/**
 * The type IntelliJ IDEA.
 * <p>
 *
 * @author liuxiaolu
 * @date 2020/9/17
 */
@RestController
@RequestMapping("/users")
@Api(tags = "用户相关接口, 提供用户相关的 Rest API", value = "/users")
public class UserController {

    @Reference(version = "1.0.0")
    private UserService userService;

    /**
     * 用户登录
     *
     * @param loginRequest 登录请求
     * @return 登录响应, 用户实体
     */
    @RateLimit
    @PostMapping("/login")
    @ApiOperation("用户登录")
    public RestResult<AuthUser> login(@RequestBody LoginRequest loginRequest) {

        Subject currentUser = SecurityUtils.getSubject();
        try {
            currentUser.login(new UsernamePasswordToken(loginRequest.getUsername(), loginRequest.getPassword()));
        } catch (UnknownAccountException uae) {
            return RestResult.failure(401, "用户帐号或密码不正确");
        } catch (LockedAccountException lae) {
            return RestResult.failure(401, "用户帐号已锁定不可用");

        } catch (AuthenticationException ae) {
            return RestResult.failure(401, "认证失败");
        }

        currentUser = SecurityUtils.getSubject();
        AuthUser authUser = (AuthUser) currentUser.getPrincipal();
        authUser.setSessionId(currentUser.getSession().getId().toString());

        return RestResult.ok(authUser);
    }

    /**
     * 查询用户列表
     *
     * @return 登录响应, 用户实体
     */
    @RateLimit
    @GetMapping
    @ApiOperation("查询所有用户")
    @RequiresRoles({"admin"})
    public RestResult<List<User>> list() {
        List<User> users = userService.selectAllUser();

        return RestResult.ok(users);
    }

    @RateLimit
    @GetMapping("/logout")
    @ApiOperation("用户登出")
    public RestResult<Boolean> logout() {
        SecurityUtils.getSubject().logout();

        return RestResult.ok();
    }
}
